From fefd64b878a3e4ecfc2b1b385f47c1d7f7593648 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Tue, 27 May 2014 22:27:15 -0400 Subject: [PATCH] Configure heat keystone client for SSL when keystone uses SSL When SSL is enabled in Keystone, the path to the Keystone CA file needs to be set in ca_file in the clients_keystone section. Change-Id: Ic324e09b42a96d0ba31e13f8e8042cb3ac24d0b6 Closes-Bug: 1324207 --- lib/heat | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/heat b/lib/heat index fe75ec9dc4..a9f9f2a7bf 100644 --- a/lib/heat +++ b/lib/heat @@ -117,6 +117,10 @@ function configure_heat { iniset $HEAT_CONF keystone_authtoken admin_password $SERVICE_PASSWORD iniset $HEAT_CONF keystone_authtoken signing_dir $HEAT_AUTH_CACHE_DIR + if is_ssl_enabled_service "key"; then + iniset $HEAT_CONF clients_keystone ca_file $KEYSTONE_SSL_CA + fi + # ec2authtoken iniset $HEAT_CONF ec2authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0